Bug#889144: stricter PIDfile handling breaks several daemons
Michael Biebl
biebl at debian.org
Sat Feb 3 00:51:58 GMT 2018
Control: severity -1 serious
Am 02.02.2018 um 20:07 schrieb Sven Hartge:
> On 02.02.2018 19:24, Michael Biebl wrote:
>> Am 02.02.2018 um 14:58 schrieb Sven Hartge:
>
>>> The upstream commit db256aab13d8a89d583ecd2bacf0aca87c66effc "core: be
>>> stricter when handling PID files and MAINPID sd_notify() messages"
>>> breaks several daemons in Debian.
>>>
>>> Known issues exist for
>>>
>>> - munin-node https://bugs.debian.org/889073
>>> - ulogd2
>>> - dnsmasq https://lists.debian.org/debian-user/2018/01/msg01331.html
>>>
>>> and possibly others.
>>>
>>> Symptom is a timeout during service start, constant service restarts (if
>>> configured) and log messages like:
>>>
>>> Feb 2 14:22:49 HOST systemd[1]: ulogd2.service: Permission denied while opening PID file or unsafe symlink chain: /run/ulog/ulogd.pid
>>> Feb 2 14:23:54 HOST systemd[1]: munin-node.service: Permission denied while opening PID file or unsafe symlink chain: /run/munin/munin-node.pid
>>>
>>> Problem lies, as far as I understand the change, in the permissions of
>>> the directory in which the PIDfile is created by the daemon. In all
>>> cases it does not belong root:root but the respective service user:
>>
>> Do those services drop privileges on their own?
>
> munin-node runs as root.
>
> ulogd2 drops its priviliges on its own. It needs to start as root to
> connect to the netlink sockets.
Let's bump this to TC, so the package doesn't migrate to testing until
we have a clearer picture how this issue should be solved.
I.e. if this is an issue in the individual packages or should be
addressed in systemd
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-systemd-maintainers/attachments/20180203/ef393263/attachment.sig>
More information about the Pkg-systemd-maintainers
mailing list